beat.hostname appears to be the output from "hostname", not "hostname -f", which I'm told (I'm not a Linux BOFH) should in a properly configured system be the leaf name, not the FQDN.
beat.name defaults to beat.hostname, and host (for Filebeat) is set to beat.hostname. None of which gives you the FQDN.
For an obvious example as to why you might want the FQDN, suppose you have a naming scheme where you have hosts like "node2.cassandra.test.example.com", "node5.kafka.production.example.com" etc - the leaf name does not uniquely identify the host.
Yes I know I can hard code the FQDN in the configuration file to set beat.name (or some new field of my choice), but that means discovering the FQDN somehow and then generating the configuration file, and yes I know that I can substitute an environment variable instead of having the FQDN hard coded, but that means finding out how to hack whatever-it-is that launches the beats as services, and somehow build the hacked whatever-it-is into our deployment system, both of which are a non-trivial amount of work and neither of which is attractive.
And yes I've seen that someone has raised a ticket asking for "hostname -f" to be used instead of "hostname", but the discussion there appears to have fizzled out without any conclusion being reached or action being agreed.
I can't be the only person who wants to know which host generated which Beats document! - so what do other people do?